CVE-2025-12957
WordPress · WordPress All-in-One Video Gallery Plugin
A high-severity vulnerability has been discovered in the All-in-One Video Gallery plugin for WordPress.
Executive summary
The All-in-One Video Gallery plugin for WordPress lets an attacker upload files of their choosing, including PHP scripts, into a directory the web server will execute them from. That is a direct path to remote code execution as the web server user and, from there, to full site takeover, data theft and use of the host as a staging point for further attacks. Update the plugin immediately.
Vulnerability
The plugin's upload handler does not restrict the type of file it accepts. An unauthenticated attacker can craft an upload request carrying a file with an executable extension such as .php, and because neither the extension nor the content is checked the file is written as-is to a web-accessible location under wp-content/uploads. Requesting that file then runs the attacker's code with the privileges of the web server user. WordPress itself ships no .htaccess or equivalent rule for the uploads directory, so unless the server has been hardened separately a .php file dropped there executes like any other script on the site.
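The check the plugin is missing, as an added example in Python rather than the plugin's PHP (this is not the plugin's code; in a real WordPress handler the equivalent job is done with wp_check_filetype_and_ext() and an allow-list of MIME types). The permissive function mirrors the behaviour the advisory describes. The hardened one allow-lists extensions, rejects executable segments anywhere in the name (Apache's per-extension handler mapping means shell.php.mp4 can still run as PHP), refuses path separators, and compares the file's first bytes against the claimed type instead of trusting the client-supplied Content-Type header. The sample names and contents are constructed.

```python
"""Upload validation for a video-gallery endpoint: the permissive check the
advisory describes beside a hardened one.  Added Python example; the plugin
is PHP and this is not its code.  Sample names and contents are constructed."""
import os

# Extension segments that must never reach a web-served directory.  Matched
# in every segment, not just the last: with Apache's AddHandler mapping,
# shell.php.mp4 is still handed to PHP.
EXECUTABLE_EXTS = {"php", "php3", "php4", "php5", "php7", "php8",
                   "phtml", "phar", "phps", "inc"}

# Allow-list of what a video gallery actually needs, each with the file
# signature (offset, bytes) the content must carry.  The client-supplied
# Content-Type header is attacker-controlled and is deliberately ignored.
ALLOWED_TYPES = {
    "mp4":  (4, b"ftyp"),               # ISO BMFF 'ftyp' box
    "webm": (0, b"\x1a\x45\xdf\xa3"),   # Matroska/EBML header
    "ogv":  (0, b"OggS"),
    "jpg":  (0, b"\xff\xd8\xff"),
    "jpeg": (0, b"\xff\xd8\xff"),
    "png":  (0, b"\x89PNG\r\n\x1a\n"),
}

def vulnerable_accepts(filename: str, content: bytes) -> bool:
    """The failing behaviour: any named file is stored as-is under uploads/."""
    return bool(filename)

def hardened_accepts(filename: str, content: bytes) -> bool:
    """Allow-list the extension, refuse executable segments anywhere in the
    name, refuse path separators, and verify the content signature."""
    # Reject traversal and dotfiles (an attacker-written .htaccess in
    # uploads/ could re-enable PHP execution).
    base = os.path.basename(filename.replace("\\", "/"))
    if not base or base != filename or base.startswith("."):
        return False
    parts = base.lower().split(".")
    if len(parts) < 2 or any(p in EXECUTABLE_EXTS for p in parts[1:]):
        return False
    sig = ALLOWED_TYPES.get(parts[-1])
    if sig is None:
        return False
    off, magic = sig
    if content[off:off + len(magic)] != magic:
        return False
    # Defensive heuristic: a valid media header followed by a PHP open tag is
    # a polyglot, which still runs if some other rule routes it to PHP.
    if b"<?php" in content or b"<?=" in content:
        return False
    return True

# Constructed test vectors: (name, first bytes) as an attacker or a real
# user would submit them.
SAMPLES = {
    "clip.mp4": b"\x00\x00\x00\x18ftypmp42" + b"\x00" * 16,
    "poster.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 8,
    "shell.php": b"<?php system($_GET['c']); ?>",
    "shell.php.mp4": b"\x00\x00\x00\x18ftypmp42<?php system($_GET['c']); ?>",
    "cover.jpg": b"GIF89a",                     # claims JPEG, is not
    "../../wp-config.php": b"<?php /* overwrite */",
}

def classify(samples=SAMPLES):
    """Map each sample to (vulnerable_accepts, hardened_accepts)."""
    return {name: (vulnerable_accepts(name, data), hardened_accepts(name, data))
            for name, data in samples.items()}

if __name__ == "__main__":
    for name, (weak, strong) in classify().items():
        print(f"{name:24} vulnerable={weak!s:5} hardened={strong}")
```

The permissive function accepts all six samples; the hardened one accepts only the two genuine media files. Signature checks on the first bytes are a minimum, not a proof of benign content: a file can carry a valid header and still be a polyglot, which is why the open-tag heuristic is kept and why execution must also be denied at the web server for the uploads tree.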
Business impact
This vulnerability is rated as High severity with a CVSS score of 8.8. Successful exploitation could lead to a complete compromise of the affected website and the underlying server. Potential consequences include website defacement, theft of sensitive data such as customer information or intellectual property, installation of malware for crypto-mining or phishing campaigns, and reputational damage. The compromised website could also be used to attack other systems, creating further liability for the organization.
Remediation
Immediate Action: Update the "All-in-One Video Gallery" plugin to the latest patched release (later than version 4; confirm the exact fixed version against the plugin's changelog before relying on it). If the plugin is not needed, deactivate and delete it to remove the attack surface entirely. After updating, review file permissions and WordPress hardening settings, in particular that the web server user cannot write outside wp-content.
Proactive Monitoring: Review web server access logs for POST requests to plugin-related endpoints and to wp-admin/admin-ajax.php, especially multipart uploads from unusual clients, and for any subsequent request to a .php file under wp-content/uploads, which is a strong indicator of a planted web shell. Scan the file system, particularly wp-content/uploads, for files with executable extensions (.php, .phtml, .phar, including double extensions such as video.php.mp4) and for media files that contain PHP open tags. Watch for unexpected outbound connections from the web server, which often accompany a successful compromise.
Compensating Controls: If patching cannot happen immediately, put a Web Application Firewall (WAF) in front of the site with rules that block uploads of executable file types and requests to the vulnerable plugin endpoints. Configure the web server so PHP is never executed from the uploads directory (an Apache FilesMatch deny rule in wp-content/uploads/.htaccess, or an nginx location block that returns 403 for PHP-like names under uploads). Deploy File Integrity Monitoring (FIM) to alert on new or changed files in web-served directories.
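A sweep that implements the monitoring and compensating-control checks above, as an added Python example that is not the page's or the plugin's own code. It walks an uploads tree for executable extensions and for PHP open tags hidden in media files, triages combined-format access-log lines into upload POSTs and requests to PHP-like names under uploads, and checks that uploads/.htaccess carries an Apache 2.4 deny rule for PHP names. The file names, log lines, uploads subdirectory and endpoint patterns are constructed assumptions; the exact AJAX action name the vulnerable handler registers is not given on the page, so the endpoint regex is a starting point rather than a signature.

```python
"""Post-incident sweep of a WordPress uploads tree plus access-log triage.
Added Python example, not the page's or the plugin's code.  File names, log
lines, the uploads subdirectory and the endpoint patterns are constructed."""
import os
import re
import tempfile

# Executable-extension segments anywhere in the name (catches shell.php.mp4).
EXEC_EXT_RE = re.compile(r"\.(php\d?|phtml|phar|phps|inc)(\.|$)", re.IGNORECASE)
PHP_TAG_RE = re.compile(rb"<\?(php\b|=)")

# Apache 2.4 rule for wp-content/uploads/.htaccess: deny every request whose
# name looks like PHP, regardless of how PHP is wired into the server.
# nginx equivalent:
#   location ~* ^/wp-content/uploads/.*\.ph(p\d?|tml|ar)(\.|$) { deny all; }
HARDENED_HTACCESS = (
    '<FilesMatch "(?i)\\.(php\\d?|phtml|phar|phps|inc)(\\.|$)">\n'
    "    Require all denied\n"
    "</FilesMatch>\n"
)

def scan_uploads(root):
    """Return (relative path, reason) for files that do not belong in a media tree."""
    findings = []
    for dirpath, _, files in os.walk(root):
        for name in files:
            if name == ".htaccess":
                continue
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            if EXEC_EXT_RE.search(name):
                findings.append((rel, "executable extension"))
                continue
            with open(path, "rb") as fh:
                head = fh.read(1 << 16)   # open tag is usually near the start
            if PHP_TAG_RE.search(head):
                findings.append((rel, "php open tag in media file"))
    return sorted(findings)

def uploads_protected(root):
    """True if uploads/.htaccess carries a FilesMatch deny rule for PHP names."""
    try:
        with open(os.path.join(root, ".htaccess"), encoding="utf-8") as fh:
            text = fh.read()
    except FileNotFoundError:
        return False
    return re.search(r'<FilesMatch\s+"[^"]*php[^"]*">\s*Require all denied',
                     text, re.IGNORECASE) is not None

# Combined log format; only client, method, path and status are needed.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})')
# Assumed upload entry points: the WordPress AJAX front door or the plugin's
# own directory.  The exact action name is not on the page; tune as needed.
UPLOAD_POST_RE = re.compile(
    r"^/wp-admin/admin-ajax\.php|^/wp-content/plugins/all-in-one-video-gallery/",
    re.IGNORECASE)
# Any request for a PHP-like name under uploads/ is a webshell indicator.
WEBSHELL_PATH_RE = re.compile(
    r"^/wp-content/uploads/.*\.(php\d?|phtml|phar)(\.|\?|$)", re.IGNORECASE)

def triage_log(lines):
    """Split requests into candidate upload POSTs and webshell hits."""
    upload_posts, webshell_hits = [], []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        rec = (m["ip"], m["path"], m["status"])
        if WEBSHELL_PATH_RE.search(m["path"]):
            webshell_hits.append(rec)
        elif m["method"] == "POST" and UPLOAD_POST_RE.search(m["path"]):
            upload_posts.append(rec)
    return upload_posts, webshell_hits

SAMPLE_LOG = [  # constructed combined-format lines
    '203.0.113.7 - - [10/Nov/2025:14:02:11 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 57 "-" "python-requests/2.32"',
    '203.0.113.7 - - [10/Nov/2025:14:02:13 +0000] "GET /wp-content/uploads/2025/11/shell.php?c=id HTTP/1.1" 200 122 "-" "python-requests/2.32"',
    '198.51.100.20 - - [10/Nov/2025:14:05:40 +0000] "GET /videos/ HTTP/1.1" 200 8120 "-" "Mozilla/5.0"',
    '198.51.100.20 - - [10/Nov/2025:14:05:41 +0000] "GET /wp-content/uploads/2025/11/clip.mp4 HTTP/1.1" 206 104857 "-" "Mozilla/5.0"',
]

def demo():
    """Build a throwaway uploads tree with constructed files and run all checks."""
    with tempfile.TemporaryDirectory() as root:
        d = os.path.join(root, "2025", "11")
        os.makedirs(d)
        files = {
            "clip.mp4": b"\x00\x00\x00\x18ftypmp42" + b"\x00" * 16,
            "shell.php": b"<?php system($_GET['c']); ?>",
            "shell.php.mp4": b"\x00\x00\x00\x18ftypmp42<?php system($_GET['c']); ?>",
            "poster.jpg": b"\xff\xd8\xff\xe0<?php eval($_POST['x']); ?>",
        }
        for name, data in files.items():
            with open(os.path.join(d, name), "wb") as fh:
                fh.write(data)
        before = uploads_protected(root)
        with open(os.path.join(root, ".htaccess"), "w", encoding="utf-8") as fh:
            fh.write(HARDENED_HTACCESS)
        return {"findings": scan_uploads(root),
                "protected_before": before,
                "protected_after": uploads_protected(root),
                "log": triage_log(SAMPLE_LOG)}

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Reading only the first 64 KiB of each file is a speed trade-off; an attacker can append the PHP payload after a large genuine video, so a full sweep should read whole files. The .htaccess rule only takes effect where AllowOverride permits it and where Apache is the server actually handling PHP; on nginx/PHP-FPM use the location block in the comment instead, and on either server verify the control by requesting a harmless test .php file placed in uploads and confirming a 403.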
Exploitation status
Public Exploit Available: true
Analyst recommendation
Given the high severity (CVSS 8.8) and the public availability of exploit code, remediation is urgent. Update the All-in-One Video Gallery plugin on every WordPress instance to the latest patched version without delay. Because a public exploit may already have been used against exposed sites before the update, follow the patch with a search for indicators of compromise (unexpected files under wp-content/uploads, suspicious upload POSTs and requests to PHP files under uploads in the access logs, new administrator accounts, and unexpected outbound connections) and treat any hit as a confirmed incident.